PostgreSQL Source Code  git master
scram.h File Reference
#include "common/cryptohash.h"
#include "lib/stringinfo.h"
#include "libpq/libpq-be.h"
#include "libpq/sasl.h"
Include dependency graph for scram.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

char * pg_be_scram_build_secret (const char *password)
 
bool parse_scram_secret (const char *secret, int *iterations, pg_cryptohash_type *hash_type, int *key_length, char **salt, uint8 *stored_key, uint8 *server_key)
 
bool scram_verify_plain_password (const char *username, const char *password, const char *secret)
 

Variables

PGDLLIMPORT int scram_sha_256_iterations
 
PGDLLIMPORT const pg_be_sasl_mech pg_be_scram_mech
 

Function Documentation

◆ parse_scram_secret()

bool parse_scram_secret ( const char *  secret,
int *  iterations,
pg_cryptohash_type hash_type,
int *  key_length,
char **  salt,
uint8 stored_key,
uint8 server_key 
)

Definition at line 589 of file auth-scram.c.

592 {
593  char *v;
594  char *p;
595  char *scheme_str;
596  char *salt_str;
597  char *iterations_str;
598  char *storedkey_str;
599  char *serverkey_str;
600  int decoded_len;
601  char *decoded_salt_buf;
602  char *decoded_stored_buf;
603  char *decoded_server_buf;
604 
605  /*
606  * The secret is of form:
607  *
608  * SCRAM-SHA-256$<iterations>:<salt>$<storedkey>:<serverkey>
609  */
610  v = pstrdup(secret);
611  if ((scheme_str = strtok(v, "$")) == NULL)
612  goto invalid_secret;
613  if ((iterations_str = strtok(NULL, ":")) == NULL)
614  goto invalid_secret;
615  if ((salt_str = strtok(NULL, "$")) == NULL)
616  goto invalid_secret;
617  if ((storedkey_str = strtok(NULL, ":")) == NULL)
618  goto invalid_secret;
619  if ((serverkey_str = strtok(NULL, "")) == NULL)
620  goto invalid_secret;
621 
622  /* Parse the fields */
623  if (strcmp(scheme_str, "SCRAM-SHA-256") != 0)
624  goto invalid_secret;
625  *hash_type = PG_SHA256;
626  *key_length = SCRAM_SHA_256_KEY_LEN;
627 
628  errno = 0;
629  *iterations = strtol(iterations_str, &p, 10);
630  if (*p || errno != 0)
631  goto invalid_secret;
632 
633  /*
634  * Verify that the salt is in Base64-encoded format, by decoding it,
635  * although we return the encoded version to the caller.
636  */
637  decoded_len = pg_b64_dec_len(strlen(salt_str));
638  decoded_salt_buf = palloc(decoded_len);
639  decoded_len = pg_b64_decode(salt_str, strlen(salt_str),
640  decoded_salt_buf, decoded_len);
641  if (decoded_len < 0)
642  goto invalid_secret;
643  *salt = pstrdup(salt_str);
644 
645  /*
646  * Decode StoredKey and ServerKey.
647  */
648  decoded_len = pg_b64_dec_len(strlen(storedkey_str));
649  decoded_stored_buf = palloc(decoded_len);
650  decoded_len = pg_b64_decode(storedkey_str, strlen(storedkey_str),
651  decoded_stored_buf, decoded_len);
652  if (decoded_len != *key_length)
653  goto invalid_secret;
654  memcpy(stored_key, decoded_stored_buf, *key_length);
655 
656  decoded_len = pg_b64_dec_len(strlen(serverkey_str));
657  decoded_server_buf = palloc(decoded_len);
658  decoded_len = pg_b64_decode(serverkey_str, strlen(serverkey_str),
659  decoded_server_buf, decoded_len);
660  if (decoded_len != *key_length)
661  goto invalid_secret;
662  memcpy(server_key, decoded_server_buf, *key_length);
663 
664  return true;
665 
666 invalid_secret:
667  *salt = NULL;
668  return false;
669 }
int pg_b64_decode(const char *src, int len, char *dst, int dstlen)
Definition: base64.c:116
int pg_b64_dec_len(int srclen)
Definition: base64.c:239
@ PG_SHA256
Definition: cryptohash.h:24
char * pstrdup(const char *in)
Definition: mcxt.c:1696
void * palloc(Size size)
Definition: mcxt.c:1317
#define SCRAM_SHA_256_KEY_LEN
Definition: scram-common.h:24
int iterations
Definition: thread-thread.c:39

References iterations, palloc(), pg_b64_dec_len(), pg_b64_decode(), PG_SHA256, pstrdup(), and SCRAM_SHA_256_KEY_LEN.

Referenced by get_password_type(), scram_init(), and scram_verify_plain_password().

◆ pg_be_scram_build_secret()

char* pg_be_scram_build_secret ( const char *  password)

Definition at line 472 of file auth-scram.c.

473 {
474  char *prep_password;
475  pg_saslprep_rc rc;
476  char saltbuf[SCRAM_DEFAULT_SALT_LEN];
477  char *result;
478  const char *errstr = NULL;
479 
480  /*
481  * Normalize the password with SASLprep. If that doesn't work, because
482  * the password isn't valid UTF-8 or contains prohibited characters, just
483  * proceed with the original password. (See comments at top of file.)
484  */
485  rc = pg_saslprep(password, &prep_password);
486  if (rc == SASLPREP_SUCCESS)
487  password = (const char *) prep_password;
488 
489  /* Generate random salt */
491  ereport(ERROR,
492  (errcode(ERRCODE_INTERNAL_ERROR),
493  errmsg("could not generate random salt")));
494 
496  saltbuf, SCRAM_DEFAULT_SALT_LEN,
498  &errstr);
499 
500  if (prep_password)
501  pfree(prep_password);
502 
503  return result;
504 }
int scram_sha_256_iterations
Definition: auth-scram.c:192
int errcode(int sqlerrcode)
Definition: elog.c:855
int errmsg(const char *fmt,...)
Definition: elog.c:1068
#define ERROR
Definition: elog.h:39
#define ereport(elevel,...)
Definition: elog.h:149
void pfree(void *pointer)
Definition: mcxt.c:1521
bool pg_strong_random(void *buf, size_t len)
pg_saslprep_rc pg_saslprep(const char *input, char **output)
Definition: saslprep.c:1044
pg_saslprep_rc
Definition: saslprep.h:21
@ SASLPREP_SUCCESS
Definition: saslprep.h:22
char * scram_build_secret(pg_cryptohash_type hash_type, int key_length, const char *salt, int saltlen, int iterations, const char *password, const char **errstr)
Definition: scram-common.c:210
#define SCRAM_DEFAULT_SALT_LEN
Definition: scram-common.h:44
static char * password
Definition: streamutil.c:54

References ereport, errcode(), errmsg(), ERROR, password, pfree(), pg_saslprep(), PG_SHA256, pg_strong_random(), SASLPREP_SUCCESS, scram_build_secret(), SCRAM_DEFAULT_SALT_LEN, scram_sha_256_iterations, and SCRAM_SHA_256_KEY_LEN.

Referenced by encrypt_password().

◆ scram_verify_plain_password()

bool scram_verify_plain_password ( const char *  username,
const char *  password,
const char *  secret 
)

Definition at line 512 of file auth-scram.c.

514 {
515  char *encoded_salt;
516  char *salt;
517  int saltlen;
518  int iterations;
519  int key_length = 0;
520  pg_cryptohash_type hash_type;
521  uint8 salted_password[SCRAM_MAX_KEY_LEN];
522  uint8 stored_key[SCRAM_MAX_KEY_LEN];
523  uint8 server_key[SCRAM_MAX_KEY_LEN];
524  uint8 computed_key[SCRAM_MAX_KEY_LEN];
525  char *prep_password;
526  pg_saslprep_rc rc;
527  const char *errstr = NULL;
528 
529  if (!parse_scram_secret(secret, &iterations, &hash_type, &key_length,
530  &encoded_salt, stored_key, server_key))
531  {
532  /*
533  * The password looked like a SCRAM secret, but could not be parsed.
534  */
535  ereport(LOG,
536  (errmsg("invalid SCRAM secret for user \"%s\"", username)));
537  return false;
538  }
539 
540  saltlen = pg_b64_dec_len(strlen(encoded_salt));
541  salt = palloc(saltlen);
542  saltlen = pg_b64_decode(encoded_salt, strlen(encoded_salt), salt,
543  saltlen);
544  if (saltlen < 0)
545  {
546  ereport(LOG,
547  (errmsg("invalid SCRAM secret for user \"%s\"", username)));
548  return false;
549  }
550 
551  /* Normalize the password */
552  rc = pg_saslprep(password, &prep_password);
553  if (rc == SASLPREP_SUCCESS)
554  password = prep_password;
555 
556  /* Compute Server Key based on the user-supplied plaintext password */
557  if (scram_SaltedPassword(password, hash_type, key_length,
558  salt, saltlen, iterations,
559  salted_password, &errstr) < 0 ||
560  scram_ServerKey(salted_password, hash_type, key_length,
561  computed_key, &errstr) < 0)
562  {
563  elog(ERROR, "could not compute server key: %s", errstr);
564  }
565 
566  if (prep_password)
567  pfree(prep_password);
568 
569  /*
570  * Compare the secret's Server Key with the one computed from the
571  * user-supplied password.
572  */
573  return memcmp(computed_key, server_key, key_length) == 0;
574 }
bool parse_scram_secret(const char *secret, int *iterations, pg_cryptohash_type *hash_type, int *key_length, char **salt, uint8 *stored_key, uint8 *server_key)
Definition: auth-scram.c:589
unsigned char uint8
Definition: c.h:504
pg_cryptohash_type
Definition: cryptohash.h:20
#define LOG
Definition: elog.h:31
#define elog(elevel,...)
Definition: elog.h:224
static char * username
Definition: initdb.c:153
int scram_ServerKey(const uint8 *salted_password, pg_cryptohash_type hash_type, int key_length, uint8 *result, const char **errstr)
Definition: scram-common.c:172
int scram_SaltedPassword(const char *password, pg_cryptohash_type hash_type, int key_length, const char *salt, int saltlen, int iterations, uint8 *result, const char **errstr)
Definition: scram-common.c:38
#define SCRAM_MAX_KEY_LEN
Definition: scram-common.h:30

References elog, ereport, errmsg(), ERROR, iterations, LOG, palloc(), parse_scram_secret(), password, pfree(), pg_b64_dec_len(), pg_b64_decode(), pg_saslprep(), SASLPREP_SUCCESS, SCRAM_MAX_KEY_LEN, scram_SaltedPassword(), scram_ServerKey(), and username.

Referenced by plain_crypt_verify().

Variable Documentation

◆ pg_be_scram_mech

PGDLLIMPORT const pg_be_sasl_mech pg_be_scram_mech
extern

Definition at line 113 of file auth-scram.c.

Referenced by CheckPWChallengeAuth().

◆ scram_sha_256_iterations

PGDLLIMPORT int scram_sha_256_iterations
extern

Definition at line 192 of file auth-scram.c.

Referenced by pg_be_scram_build_secret().